Johannes Berg [Tue, 8 Sep 2015 09:46:32 +0000 (12:46 +0300)]
hostapd: Add testing option to use only ECSA
Some APs don't include a CSA IE when an ECSA IE is generated,
and mac80211 used to fail following their channel switch. Add
a testing option to hostapd to allow reproducing the behavior.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Andrei Otcheretianski [Tue, 8 Sep 2015 09:46:31 +0000 (12:46 +0300)]
Handle VHT operating classes correctly
Fix and extend the ieee80211_freq_to_channel_ext() function to deal
correctly with VHT operating classes (128, 129, 130).
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Luciano Coelho [Tue, 8 Sep 2015 09:46:30 +0000 (12:46 +0300)]
Set channel and operating class in hostapd_fill_csa_settings()
The CSA channel and operating class values need to be set for all types
of channel switch (i.e., either if it's triggered by the control
interfaces or due to the GO-follows-STA flow). To do so, move the code
that sets them from the GO-follows-STA flow to the more generic
hostapd_fill_csa_settings() function.
Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
Luciano Coelho [Tue, 8 Sep 2015 09:46:29 +0000 (12:46 +0300)]
Use ieee80211_freq_to_chan() when getting segment indices
The hostapd_hw_get_channel() function can't be used to convert center
frequencies to channel numbers, because the hw mode lists don't have all
the center frequencies. The hw mode lists have the main channel
frequencies and flags to indicate the channel topography.
For instance, channel 5805 with VHT80- has the channel center frequency
segment 0 at 5775. This segment is only indicated indirectly in the hw
mode list by the HOSTAPD_CHAN_VHT_50_30 flag. The hw mode list doesn't
have any elements with frequency 5775 to allow the conversion to a
channel number. Thus, we need to use ieee80211_freq_to_chan() instead.
Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
Andrei Otcheretianski [Tue, 8 Sep 2015 09:46:27 +0000 (12:46 +0300)]
Provide an offset to CSA counters in Probe Response frames
Pass to the driver a list of CSA counter offsets when sending Probe
Response frames during a CSA period. This allows the kernel to correctly
update the CSA/eCSA elements.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Andrei Otcheretianski [Tue, 8 Sep 2015 09:46:26 +0000 (12:46 +0300)]
nl80211: Specify CSA offsets in send_mlme() driver op
Some management frames contain CSA counters which should be updated by
kernel. Change driver op send_mlme() allowing to send a frame,
specifying an array of offsets to the CSA counters which should be
updated. For example, CSA offsets parameters should be specified when
sending Probe Response frames during CSA period.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Andrei Otcheretianski [Tue, 8 Sep 2015 09:46:25 +0000 (12:46 +0300)]
Advertise Supported Operating Classes elements in Beacon/Probe Response
Advertise current operating class in Beacon and Probe Response frames.
This Supported Operating Classes element is required by the standard
when extended channel switch is supported. However, since this element
doesn't reflect correctly the sub-band spectrum breakdown and can't be
effectively used by clients, publish only the minimal required part
which is the current operating class.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Ilan Peer [Tue, 8 Sep 2015 09:46:24 +0000 (12:46 +0300)]
Handle channel switch notification for other interface types
Channel switch notification was handled only for AP/GO interfaces. As
the notification can be sent on other interface types as well, extend
the handling to handle other interface types.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Andrei Otcheretianski [Tue, 8 Sep 2015 09:46:22 +0000 (12:46 +0300)]
Fix CSA related IEs order
Fix the order of CSA, eCSA, Secondary Channel Offset, and Wide Bandwidth
Channel Switch Wrapper elements in Beacon and Probe Response frames.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Andrei Otcheretianski [Tue, 8 Sep 2015 09:46:21 +0000 (12:46 +0300)]
Move HT CSA related IE function
Move Secondary Channel element function to ieee802_11_ht.c.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Andrei Otcheretianski [Tue, 8 Sep 2015 09:46:20 +0000 (12:46 +0300)]
P2P: Implement P2P_GO_FREQ_MOVE_SCM_ECSA policy
Add new GO frequency move policy. The P2P_GO_FREQ_MOVE_SCM_ECSA prefers
SCM if all the clients advertise eCSA support and the candidate
frequency is one of the group common frequencies.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Andrei Otcheretianski [Tue, 8 Sep 2015 09:46:19 +0000 (12:46 +0300)]
P2P: Trigger channel selection correctly during CSA
Do not consider moving GOs to a new channel if one of them is in the
middle of CSA. In addition, call wpas_p2p_update_channel_list() after
EVENT_CH_SWITCH is handled.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Ilan Peer [Tue, 8 Sep 2015 09:46:18 +0000 (12:46 +0300)]
Move hostapd_csa_in_progress() to hostapd.c
Move hostapd_csa_in_progress() to hostapd.{h,c} so it can be used
for contexts other than DFS.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Ilan Peer [Tue, 8 Sep 2015 09:46:17 +0000 (12:46 +0300)]
P2P: Relax wpas_p2p_init_go_params() for P2P GO CSA
wpas_p2p_move_go_csa() uses wpas_p2p_init_p2p_params() to select the
frequency to move to. However, it is possible that all the channels are
already used, so the selection of a new frequency would fail, although
the frequency used by the P2P GO should not be considered as used if it
is the only one using it.
To overcome this, allow the frequency selection to continue even if all
the frequencies are in use, but the frequency used by the P2P GO is not
used by any station interface.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Andrei Otcheretianski [Tue, 8 Sep 2015 09:46:16 +0000 (12:46 +0300)]
P2P: Implement wpas_p2p_move_go_csa()
Use channel switch mechanism to move a P2P GO to a new channel,
when required. In order to be able to reconfigure the GO channel,
split wpa_supplicant_conf_ap() function, so the frequency
configuration part can be reused to find additional CSA settings.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Andrei Otcheretianski [Tue, 8 Sep 2015 09:46:15 +0000 (12:46 +0300)]
Add support for eCSA
Extended channel switch provides an ability to switch between operating
classes and is required for P2P Devices by the P2P specification when
switching in 5 GHz.
When the operating class is provided for channel switch, the AP/P2P GO
will use eCSA IE in addition to the regular CSA IE both on 2.4 GHz and 5
GHz bands.
Transitions between different hw_modes are not supported.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Andrei Otcheretianski [Tue, 8 Sep 2015 09:46:14 +0000 (12:46 +0300)]
nl80211: Support multiple CSA counters
Channel switch may be performed using both CSA and eCSA IEs together.
This may happen, for example with a P2P GO on band A with legacy
clients. Extend driver API to support up to 2 CSA counters.
This patch also includes the required implementation for nl80211.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Andrei Otcheretianski [Tue, 8 Sep 2015 09:46:13 +0000 (12:46 +0300)]
Support VHT channel width change for CSA
When building Beacon and Probe Response frames for the target channel,
consider bandwidth parameter for VHT channels. In addition, add support
for updating vht_oper_centr_freq_seg0_idx and
vht_oper_centr_freq_seg1_idx.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Andrei Otcheretianski [Tue, 8 Sep 2015 09:46:12 +0000 (12:46 +0300)]
Add Wide Bandwidth Channel Switch element
When switching to a VHT channel with width greater than 20 MHz, add Wide
Bandwidth Channel Switch element. This element is added in Beacon and
Probe Response frames inside Channel Switch Wrapper element.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Andrei Otcheretianski [Tue, 8 Sep 2015 09:46:11 +0000 (12:46 +0300)]
Use previously computed channel in cs_freq_params for Beacon frames
When CSA is started, hostapd_change_config_freq() computes the channel
from the provided frequency. Use this stored channel to add CSA IE in
Beacon frames, instead of recomputing the channel each time.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Jouni Malinen [Sat, 3 Oct 2015 13:27:01 +0000 (16:27 +0300)]
tests: hostapd WPS UPnP web OOM
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 3 Oct 2015 13:26:10 +0000 (16:26 +0300)]
WPS: Mark web_connection_parse_get() argument filename const
All the other web_connection_parse_*() functions were already doing
this, so make the GET handler consistent as well.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 2 Oct 2015 16:16:04 +0000 (19:16 +0300)]
tests: Fix OCSP response for ap_wpa2_eap_ttls_ocsp_revoked
Due to a serial number mismatch, the correct "revoked" status was not
used; instead "unknown" was used. While the test case would not fail for
this, an incorrect code path was checked.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
David du Colombier [Thu, 1 Oct 2015 08:26:43 +0000 (11:26 +0300)]
wpa_cli: Fix static linking with readline
The readline library depends on ncurses, so it should be set before
ncurses on the linker command line to be able to be statically linked
successfully.
Signed-off-by: David du Colombier <0intro@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Jouni Malinen [Thu, 1 Oct 2015 15:43:21 +0000 (18:43 +0300)]
tests: WPA2-PSK and retry for EAPOL-Key msg 3/4
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 1 Oct 2015 15:51:04 +0000 (18:51 +0300)]
Fix TK configuration to the driver in EAPOL-Key 3/4 retry case
Commit 7d711541dced759b34313477d5d163e65c5b0131 ('Clear TK part of PTK
after driver key configuration') started clearing TK from memory
immediately after having configured it to the driver when processing
EAPOL-Key message 3/4. While this covered the most common case, it did
not take into account the possibility of the authenticator having to
retry EAPOL-Key message 3/4 in case the first EAPOL-Key message 4/4
response is lost. That case ended up trying to reinstall the same TK to
the driver, but the key was not available anymore.
Fix the EAPOL-Key message 3/4 retry case by configuring TK to the driver
only once. There was no need to try to set the same key after each
EAPOL-Key message 3/4 since TK could not change. If actual PTK rekeying
is used, the new TK will be configured once when processing the new
EAPOL-Key message 3/4 for the first time.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
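The retry case described in this commit message, as an added example (a simplified model written for this page, not wpa_supplicant code). The struct, the `tk_pending` flag, the function names and the key bytes are all hypothetical; the model only counts what the driver set-key step is handed before and after the fix.

```c
#include <stdio.h>
#include <string.h>

#define TK_LEN 16

/* Hypothetical, simplified supplicant state (not wpa_supplicant's own struct). */
struct supp_model {
	unsigned char tk[TK_LEN]; /* temporal key part of the current PTK */
	int tk_pending;           /* 1 until this TK has been given to the driver */
	int install_once;         /* 0 = behaviour before the fix, 1 = after */
	int set_key_calls;        /* how many times the driver was asked to set TK */
	int cleared_key_calls;    /* how many of those saw an already-cleared TK */
};

/* Stand-in for the driver key configuration step; it only records its input. */
static void driver_set_key(struct supp_model *sm)
{
	static const unsigned char zero[TK_LEN];

	sm->set_key_calls++;
	if (memcmp(sm->tk, zero, TK_LEN) == 0)
		sm->cleared_key_calls++;
}

/* A new PTK was derived (initial handshake or PTK rekeying). */
static void new_ptk(struct supp_model *sm, unsigned char fill)
{
	memset(sm->tk, fill, TK_LEN); /* constructed key bytes */
	sm->tk_pending = 1;
}

/* Process one EAPOL-Key message 3/4, first transmission or retry. */
static void process_msg3(struct supp_model *sm)
{
	/* EAPOL-Key message 4/4 is sent for every message 3/4 (not modelled). */
	if (sm->install_once && !sm->tk_pending)
		return; /* retry: this TK is already configured */

	driver_set_key(sm);
	memset(sm->tk, 0, TK_LEN); /* clear TK from memory after configuration */
	sm->tk_pending = 0;
}

/* Initial handshake with one retried message 3/4, then one PTK rekey. */
static struct supp_model run_handshakes(int install_once)
{
	struct supp_model sm;

	memset(&sm, 0, sizeof(sm));
	sm.install_once = install_once;

	new_ptk(&sm, 0xA5);
	process_msg3(&sm); /* first message 3/4 */
	process_msg3(&sm); /* retry after a lost message 4/4 */

	new_ptk(&sm, 0x5A);
	process_msg3(&sm); /* first message 3/4 of the rekey */
	return sm;
}

int main(void)
{
	struct supp_model before = run_handshakes(0);
	struct supp_model after = run_handshakes(1);

	printf("before fix: %d set-key calls, %d with a cleared TK\n",
	       before.set_key_calls, before.cleared_key_calls);
	printf("after fix:  %d set-key calls, %d with a cleared TK\n",
	       after.set_key_calls, after.cleared_key_calls);
	return 0;
}
```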
Jouni Malinen [Thu, 1 Oct 2015 09:46:10 +0000 (12:46 +0300)]
Remove obsolete mac80211_hwsim tests
The tests/hwsim framework has obsoleted these separate configuration
files for manual mac80211_hwsim testing.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Tue, 29 Sep 2015 14:11:21 +0000 (17:11 +0300)]
nl80211: Add build option for QCA vendor extensions
This allows the binary sizes to be reduced if no support for nl80211
vendor extensions is needed.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Kanchanapally, Vidyullatha [Fri, 25 Sep 2015 11:36:27 +0000 (17:06 +0530)]
Parallelize distinct radio work operations
This commit contains the necessary changes to parallelize
distinct radio work operations which are different in type and
the band used, only when the underlying driver is capable of
supporting such simultaneous offchannel operations.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Kanchanapally, Vidyullatha [Tue, 22 Sep 2015 10:49:02 +0000 (16:19 +0530)]
nl80211: Extract driver offchannel simultaneous capability
Make the driver offchannel simultaneous capability available to
wpa_supplicant.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Kanchanapally, Vidyullatha [Tue, 15 Sep 2015 13:21:07 +0000 (18:51 +0530)]
Add QCA vendor definitions for simultaneous offchannel
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Kanchanapally, Vidyullatha [Wed, 16 Sep 2015 12:15:05 +0000 (17:45 +0530)]
nl80211: Support vendor scan together with normal scan
Allow wpa_supplicant to use vendor scan (if supported by the driver)
together with the normal nl80211 scan and handling external scan events.
Since this results in possibility of concurrent scan operations, some of
the operations related to scan results need to check more carefully when
an event is relevant for a specific interface.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Kanchanapally, Vidyullatha [Tue, 15 Sep 2015 13:54:43 +0000 (19:24 +0530)]
nl80211: Driver interaction for QCA vendor scan
This commit contains the necessary changes for supporting the QCA vendor
scan implementation, i.e., sending the vendor scan command to underlying
driver and handling the vendor scan events from the driver.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Kanchanapally, Vidyullatha [Tue, 15 Sep 2015 13:21:07 +0000 (18:51 +0530)]
Add QCA vendor definitions for vendor scan support
Introduce definitions for QCA vendor specific subcommands
and attributes to support vendor scan request.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Wed, 30 Sep 2015 22:37:47 +0000 (01:37 +0300)]
tests: Update server and user certificates (2015)
The previous versions expired, so need to re-sign these to fix a number of
the EAP test cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Sep 2015 17:48:54 +0000 (20:48 +0300)]
The master branch is now used for v2.6 development
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Sep 2015 19:07:22 +0000 (22:07 +0300)]
doc: Update version to 2.5
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Sep 2015 17:48:25 +0000 (20:48 +0300)]
Change version information for the 2.5 release
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Sep 2015 17:13:59 +0000 (20:13 +0300)]
Add ChangeLog entries for v2.5
Signed-off-by: Jouni Malinen <j@w1.fi>
Johannes Berg [Tue, 15 Sep 2015 15:09:22 +0000 (17:09 +0200)]
tests: Add test for hostapd cli ordering
When the 'SET wpa 2' command is executed last, it seems to somehow
reset parts of the settings, causing hostapd to beacon with the
pairwise cipher suite selector set to 00-0F-AC:0 (none/use-group).
This is not permitted and should be rejected; wpa_supplicant also
cannot connect.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Jouni Malinen [Sun, 27 Sep 2015 10:25:00 +0000 (13:25 +0300)]
Do not clear RSN parameters before full configuration
This fixes an issue where hostapd SET command is used to configure RSN
parameters and the wpa parameter is sent after the other parameters.
Previously, the default case here ended up clearing rsn_pairwise and
wpa_pairwise values and once wpa=2 was finally set, the cipher
configuration had already been lost.
Signed-off-by: Jouni Malinen <j@w1.fi>
Maneesh Jain [Thu, 18 Jun 2015 04:16:34 +0000 (09:46 +0530)]
D-Bus: Add InvitationReceived Signal
This is equivalent to the P2P_EVENT_INVITATION_RECEIVED signal on the
control interface. It can be used to send the Invitation Received signal
to applications written using D-Bus.
Signed-off-by: Maneesh Jain <maneesh.jain@samsung.com>
Saurav Babu [Thu, 28 May 2015 03:53:07 +0000 (09:23 +0530)]
D-Bus: Add Signal to notify WPS PBC Overlap event
Signed-off-by: Saurav Babu <saurav.babu@samsung.com>
Saurav Babu [Thu, 28 May 2015 03:53:06 +0000 (09:23 +0530)]
D-Bus: Add signal to notify WPS timeout event
Signed-off-by: Saurav Babu <saurav.babu@samsung.com>
Andrei Otcheretianski [Tue, 8 Sep 2015 09:46:23 +0000 (12:46 +0300)]
wpa_supplicant: Fix channel switch notification with VHT
Fix a bug in wpas_ap_ch_switch() function, which didn't pass VHT
frequencies correctly to hostapd_event_ch_switch().
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Andrei Otcheretianski [Tue, 8 Sep 2015 09:46:10 +0000 (12:46 +0300)]
Update wpa_s->current_ssid->frequency on CS event
Update wpa_s->current_ssid->frequency when EVENT_CH_SWITCH is received.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Ilan Peer [Tue, 8 Sep 2015 09:46:09 +0000 (12:46 +0300)]
P2P: Fix the calculation of group common freqs
Previously, the calculation allowed for the same frequency to appear
several times in the result.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Andrei Otcheretianski [Tue, 8 Sep 2015 09:46:08 +0000 (12:46 +0300)]
Fix get_shared_radio_freqs_data() used-by flags setting
Fix an iteration bug in get_shared_radio_freqs_data when building
freqs_data array. Only the last used-by flag was maintained instead of
making this a bitfield of all found uses.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Masashi Honma [Tue, 8 Sep 2015 06:10:13 +0000 (15:10 +0900)]
mesh: Add support for scanning only the current frequency
This patch enables scan_cur_freq=1 on VIF based mesh network.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Nishant Chaprana [Thu, 17 Sep 2015 12:46:03 +0000 (18:16 +0530)]
D-BUS: dev_passwd_id should be "q" because it uses DBUS_TYPE_UINT16
This corrects the type of dev_passwd_id in GONegotiationRequest event.
This field is packed as DBUS_TYPE_UINT16 but in
wpas_dbus_interface_signals it was "i" which is DBUS_TYPE_INT32.
Signed-off-by: Nishant Chaprana <n.chaprana@samsung.com>
Jouni Malinen [Fri, 25 Sep 2015 16:43:44 +0000 (19:43 +0300)]
Fix EAP-EKE peer build rules
NEED_AES_CBC is needed for EAP-EKE builds.
Signed-off-by: Jouni Malinen <j@w1.fi>
Alan T. DeKok [Tue, 22 Sep 2015 15:24:12 +0000 (11:24 -0400)]
Linker changes for building eapol_test on OS X
Signed-off-by: Alan DeKok <aland@freeradius.org>
Alan T. DeKok [Tue, 22 Sep 2015 14:56:51 +0000 (10:56 -0400)]
Portability fixes for OS X
Fix os_get_reltime() and os_fdatasync() for OS X.
Signed-off-by: Alan DeKok <aland@freeradius.org>
Amarnath Hullur Subramanyam [Wed, 23 Sep 2015 19:39:41 +0000 (12:39 -0700)]
Android: Set ctrl_iface client socket group (AID_WIFI) separately
Split chown() call in wpa_ctrl_open() and wpa_ctrl_open2() to allow the
group id to be set even if the process does not have privileges to
change the owner. This is needed for modules that need to communicate
with wpa_supplicant since without the group change, wpa_supplicant may
not have privileges to send the response to a control interface command.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Sunil Dutt [Wed, 23 Sep 2015 15:51:49 +0000 (21:21 +0530)]
Android: Avoid same per-iface and global ctrl socket
Android platform assigns the same socket id if the socket identifier in
conf->ctrl_interface and global->params.ctrl_interface (parameter for
android_get_control_socket) point to the same Android specific control
socket. This ends up having two eloop socket handlers registered for the
same file descriptor and thus, two attempts to receive and process each
command. This can result in unexpected failure, e.g., the prefix IFNAME=
for any command is valid for global socket handler, but results in
UNKNOWN COMMAND response from the per-interface ctrl socket handler.
Since it might be possible to end up with this type of invalid
configuration in OTA upgrade, compare the socket identifiers and do not
open the ctrl socket on the respective interface if both point to same.
This allows the Wi-Fi framework to use the global control interface.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Ashok Raj Nagarajan [Tue, 22 Sep 2015 13:56:00 +0000 (19:26 +0530)]
Do not copy STA VHT capabilities if VHT is not enabled for AP
Previously, station's VHT information elements were copied and passed
regardless of the AP's VHT configuration. As a result, AP with VHT
disabled in configuration could have ended up transmitting packets in
VHT rates though AP is not advertising VHT support. Fix this by copying
the station's VHT capabilities only when AP supports VHT (both hardware
and configuration).
Signed-off-by: Ashok Raj Nagarajan <arnagara@qti.qualcomm.com>
Jouni Malinen [Tue, 22 Sep 2015 09:03:53 +0000 (12:03 +0300)]
tests: WPA2-Enterprise interactive identity entry and ENABLE_NETWORK
This verifies that ENABLE_NETWORK does not trigger reconnection if
already connected. The previous commit fixed a case where it was
possible for that to happen.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 22 Sep 2015 08:55:54 +0000 (11:55 +0300)]
Avoid reconnection on ENABLE_NETWORK if already connected
This was already the case for most command sequences, but it was
possible for wpa_s->reassociate to be set to 1 when CTRL-RSP-* commands
were used to set identity, password, or passphrase for EAP
authentication. In such cases, ENABLE_NETWORK issued after the
connection was completed could result in a new connection attempt
(likely reconnection back to the same BSS).
Fix this by checking whether an actual connection is already present
even if wpa_s->reassociate is set when processing the ENABLE_NETWORK
command.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Sunil Dutt [Thu, 17 Sep 2015 10:30:42 +0000 (10:30 +0000)]
Update AP WPA/RSN IE on all associations if driver can select BSS
It is possible for driver-based BSS selection to end up reassociating
back to the current AP. If wpa_supplicant preferred another BSS, it
would have updated the internal knowledge of the AP's WPA/RSN IE when
requesting a new connection. In the special case of existing association
and new association being with the same BSS that is different from the
wpa_supplicant preference, association event processing skipped the
WPA/RSN IE update. This could result in the following 4-way handshake
getting rejected due to incorrectly detected mismatch with AP's RSN/WPA
IE between Beacon/Probe Response frame and EAPOL-Key msg 3/4.
Fix this by updating the AP WPA/RSN IE on all association events when
driver-based BSS selection is used regardless of whether the BSSID
changes. This could also cover a theoretical case of the AP changing its
RSN/WPA IE at the very moment we try to reassociate back to the same
BSS.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 10 Sep 2015 08:19:44 +0000 (11:19 +0300)]
Drop some control interface debug print verbosity for send operations
These prints were at DEBUG level (-d), but they can be very frequent, so
drop them to MSGDUMP (-dd). This allows the prints to be suppressed in
common debugging cases while still leaving them easily enablable to
debug control interface issues without having to enable excessive
debugging.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 10 Sep 2015 08:17:19 +0000 (11:17 +0300)]
Reduce debug verbosity for read-only control interface commands
Commands like BSS and GET_NETWORK are used in some cases very frequently
and those can increase the amount of debug information from
wpa_supplicant without significant benefit. These were logged at the
DEBUG level (-d). Move logging of such read-only commands (i.e., no new
wpa_supplicant operation is started based on it) to EXCESSIVE level
(-ddd) which was already used for the PING command.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Wed, 9 Sep 2015 14:35:06 +0000 (17:35 +0300)]
WPA: Do not print GTK in debug log unless requested
The GTK value received in RSN (WPA2) group rekeying did not use the
wpa_hexdump_key() version of debug printing that is conditional on -K
being included on the command line.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 7 Sep 2015 19:56:40 +0000 (22:56 +0300)]
WPS: Reduce struct wps_parse_attr size
Use shorter variables for storing the attribute lengths and group these
variables together to allow compiler to pack them more efficiently. This
reduces the struct size from 960 bytes to 760 bytes in 64-bit builds.
This reduces stack use in a number of functions.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 7 Sep 2015 19:52:45 +0000 (22:52 +0300)]
WPS: Reduce wps_ap_priority_compar() stack use
There is no need to maintain two concurrent instances of struct
wps_parse_attr in this function. Share a single structure for parsing
both IEs.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 7 Sep 2015 17:53:23 +0000 (20:53 +0300)]
tests: WPS and DISABLE/ENABLE AP
This is a regression test case for the issue fixed by the previous
commit (hapd->num_probereq_cb not getting cleared on deinit).
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Chen, Yi [Wed, 2 Sep 2015 15:55:01 +0000 (21:25 +0530)]
WPS: Fix num_probereq_cb clearing on DISABLE to avoid segfault
Reset hapd->num_probereq_cb to 0 on an interface deinit to avoid
unexpected behavior if the same interface is enabled again without fully
freeing the data structures. hostapd_register_probereq_cb() increments
hapd->num_probereq_cb by one and leaves all old values unchanged. In
this deinit+init case, that would result in the first entry in the list
having an uninitialized pointer and the next Probe Request frame
processing would likely cause the process to terminate on segmentation
fault.
This issue could be hit when hostapd was used with WPS enabled (non-zero
wps_state configuration parameter) and control interface command DISABLE
and ENABLE were used.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
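The deinit and re-init sequence from this commit message, as an added example (a simplified model, not hostapd code). The struct and function names are hypothetical; the model counts callback slots that exist but were never written, and only dispatches when there are none, so it never reads uninitialized memory itself.

```c
#include <stdio.h>
#include <stdlib.h>

typedef int (*probereq_fn)(void *ctx);

struct probereq_cb {
	probereq_fn cb;
	void *ctx;
};

/* Hypothetical, simplified per-interface state (not hostapd's own struct). */
struct hapd_model {
	struct probereq_cb *probereq_cb;
	size_t num_probereq_cb;
};

/* Grow the array by one and fill only the new last slot; older slots are
 * left as they are, as the commit message describes. */
static int register_probereq_cb(struct hapd_model *h, probereq_fn cb, void *ctx)
{
	struct probereq_cb *n;

	n = realloc(h->probereq_cb, (h->num_probereq_cb + 1) * sizeof(*n));
	if (n == NULL)
		return -1;
	h->probereq_cb = n;
	n[h->num_probereq_cb].cb = cb;
	n[h->num_probereq_cb].ctx = ctx;
	h->num_probereq_cb++;
	return 0;
}

/* Interface deinit; reset_count = 0 models the behaviour before the fix. */
static void deinit(struct hapd_model *h, int reset_count)
{
	free(h->probereq_cb);
	h->probereq_cb = NULL;
	if (reset_count)
		h->num_probereq_cb = 0;
}

/* What Probe Request processing does: call every registered callback. */
static void dispatch(struct hapd_model *h)
{
	size_t i;

	for (i = 0; i < h->num_probereq_cb; i++)
		h->probereq_cb[i].cb(h->probereq_cb[i].ctx);
}

/* Constructed callback standing in for the WPS Probe Request handler. */
static int wps_probe_req_rx(void *ctx)
{
	(*(int *) ctx)++;
	return 0;
}

/* ENABLE, DISABLE, ENABLE. Returns the number of slots the dispatcher would
 * walk that were never written after the second ENABLE. */
static size_t stale_slots_after_reenable(int reset_count, int *calls)
{
	struct hapd_model h = { NULL, 0 };
	size_t registered = 0, stale;

	register_probereq_cb(&h, wps_probe_req_rx, calls); /* ENABLE with WPS */
	deinit(&h, reset_count);                           /* DISABLE */
	if (register_probereq_cb(&h, wps_probe_req_rx, calls) == 0)
		registered++;                              /* ENABLE again */

	stale = h.num_probereq_cb - registered;
	if (stale == 0)
		dispatch(&h); /* safe: every slot holds a valid pointer */
	deinit(&h, 1);
	return stale;
}

int main(void)
{
	int calls = 0;

	printf("before fix: %zu stale slot(s)\n",
	       stale_slots_after_reenable(0, &calls));
	printf("after fix:  %zu stale slot(s), %d callback call(s)\n",
	       stale_slots_after_reenable(1, &calls), calls);
	return 0;
}
```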
Jouni Malinen [Mon, 7 Sep 2015 14:46:40 +0000 (17:46 +0300)]
tests: WPS ER learn OOM
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 7 Sep 2015 14:45:53 +0000 (17:45 +0300)]
WPS ER: Clean up WPS session on PutMessage error cases
This is needed to allow new operation to be started after an error
without having to wait for the AP entry to time out.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 7 Sep 2015 14:24:29 +0000 (17:24 +0300)]
tests: WPS ER SetSelectedRegistrar OOM
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 7 Sep 2015 14:08:52 +0000 (17:08 +0300)]
tests: WPS ER OOM in PutWLANResponse generation
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 7 Sep 2015 14:04:57 +0000 (17:04 +0300)]
tests: WPS ER OOM in STA add
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 7 Sep 2015 13:59:19 +0000 (16:59 +0300)]
tests: WPS ER and OOM in HTTP response generation
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 7 Sep 2015 13:53:23 +0000 (16:53 +0300)]
tests: Use sqlite3.Binary() with the log files
This is needed to avoid issues in some cases where 8-bit bytestrings may
be present in the otherwise text debug log.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 7 Sep 2015 13:38:38 +0000 (16:38 +0300)]
tests: WPS ER subscribe OOM
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 7 Sep 2015 13:31:38 +0000 (16:31 +0300)]
tests: WPS ER caching AP settings (OOM)
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 6 Sep 2015 18:47:28 +0000 (21:47 +0300)]
tests: WPS against external implementation
This adds a Python-based minimal WSC protocol implementation to allow
more testing coverage to be reached for various error cases in protected
attributes. The wps_ext test case completes successful exchange in both
the Enrollee and Registrar roles acting in the middle of AP and STA. The
other test cases cover error cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 7 Sep 2015 10:46:58 +0000 (13:46 +0300)]
tests: WPS ER init failure
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 7 Sep 2015 10:42:22 +0000 (13:42 +0300)]
tests: WPS AP configured for special ap_setup_locked=2 mode
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 6 Sep 2015 08:56:10 +0000 (11:56 +0300)]
tests: WPS AP and UPnP event subscription and many events
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 6 Sep 2015 08:32:02 +0000 (11:32 +0300)]
tests: Multiple WPS ERs adding a new enrollee using PIN
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 5 Sep 2015 19:29:00 +0000 (22:29 +0300)]
tests: D-Bus GroupFormationFailure signal
Signed-off-by: Jouni Malinen <j@w1.fi>
Nishant Chaprana [Thu, 20 Aug 2015 10:58:33 +0000 (16:28 +0530)]
P2P: Add D-Bus signal GroupFormationFailure
This is similar to the control interface event
P2P-GROUP-FORMATION-FAILURE.
Signed-off-by: Nishant Chaprana <n.chaprana@samsung.com>
Jouni Malinen [Sat, 5 Sep 2015 18:58:18 +0000 (21:58 +0300)]
tests: WPS config method update for WPS and P2P
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 5 Sep 2015 18:49:38 +0000 (21:49 +0300)]
WPS: Allow config_methods to be cleared with an empty string
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 5 Sep 2015 18:35:58 +0000 (21:35 +0300)]
tests: IBSS RSN OOM during wpa_init
This is a regression test for a segfault that was fixed in the previous
commit.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 5 Sep 2015 18:35:16 +0000 (21:35 +0300)]
RSN IBSS: Fix segfault on error path
If wpa_init() fails, wpa_deinit(NULL) must not be called to avoid
hitting a NULL pointer dereference.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 5 Sep 2015 18:30:45 +0000 (21:30 +0300)]
tests: Secure mesh network setup failing due to wpa_init() OOM
This is a regression test for incorrect error path behavior that was
fixed in the previous commits.
Signed-off-by: Jouni Malinen <j@w1.fi>
Masashi Honma [Wed, 26 Aug 2015 08:32:39 +0000 (17:32 +0900)]
mesh: Fix memory leak on error path
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Masashi Honma [Wed, 26 Aug 2015 08:32:38 +0000 (17:32 +0900)]
mesh: Fix segfault on error path
When wpa_init() in __mesh_rsn_auth_init() failed, empty rsn->auth caused
segmentation fault due to NULL pointer dereference when wpa_deinit() was
called. Fix this by checking the pointer before executing deinit steps.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Masashi Honma [Mon, 31 Aug 2015 07:58:10 +0000 (16:58 +0900)]
mesh: Add RSN IE to Mesh Peering Open/Confirm frames
The RSN IE is required by IEEE Std 802.11-2012 on SAE use case:
Table 8-262 Mesh Peering Open frame Action field format
Table 8-263 Mesh Peering Confirm frame Action field format
Add the RSN IE to these frames.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Masashi Honma [Mon, 31 Aug 2015 07:58:09 +0000 (16:58 +0900)]
mesh: Rename IE field to clarify its use
This is used only for RSNE.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Jouni Malinen [Sat, 5 Sep 2015 17:51:11 +0000 (20:51 +0300)]
TDLS: Use proper IE parsing routine for non-EAPOL-Key cases
wpa_supplicant_parse_ies() was never supposed to be used as a generic IE
parser, i.e., it is for the specific purpose of parsing EAPOL-Key Key
Data IEs and KDEs. TDLS used this function for parsing generic AP IEs
and while that works, it resulted in confusing "WPA: Unrecognized
EAPOL-Key Key Data IE" debug messages. Clean this up by using
ieee802_11_parse_elems() for the cases where generic IEs are being
parsed.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 5 Sep 2015 17:40:44 +0000 (20:40 +0300)]
Add BSS operating frequency to more debug messages
This makes it easier to analyze debug logs when figuring out channel
related issues.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 5 Sep 2015 17:29:01 +0000 (20:29 +0300)]
tests: AP and STA tracking with passive scan
Verify that Public Action frame from a STA is used to add a tracking
entry.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 5 Sep 2015 16:38:06 +0000 (19:38 +0300)]
Add station tracking based on other management frame subtypes
This extends the previous tracking design to add a station entry based
on other management frames than Probe Request frames. For example, this
covers a case where the station is using passive scanning.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 5 Sep 2015 16:28:56 +0000 (19:28 +0300)]
wpa_gui: Increase control interface message buffer for LIST_NETWORKS
Double the buffer length from 2048 to 4096 to match the length used
currently in wpa_supplicant. This allows wpa_gui to retrieve information
for more networks than previously.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 5 Sep 2015 16:28:45 +0000 (19:28 +0300)]
WPS: Merge identical error paths in ssdp_listener_open()
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 5 Sep 2015 16:01:42 +0000 (19:01 +0300)]
tests: Dualband AP rejecting authentication from dualband STA on 2.4 GHz
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 5 Sep 2015 16:00:03 +0000 (19:00 +0300)]
Add option to reject authentication on 2.4 GHz from dualband STA
The new no_auth_if_seen_on=<ifname> parameter can now be used to
configure hostapd to reject authentication from a station that was seen
on another radio.
This can be used with enabled track_sta_max_num configuration on another
interface controlled by the same hostapd process to reject
authentication attempts from a station that has been detected to be
capable of operating on another band, e.g., to try to reduce likelihood
of the station selecting a 2.4 GHz BSS when the AP operates both a 2.4
GHz and 5 GHz BSS concurrently.
Note: Enabling this can cause connectivity issues and increase latency for
connecting with the AP.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 5 Sep 2015 15:33:35 +0000 (18:33 +0300)]
Indicate CTRL-EVENT-AUTH-REJECT event on authentication rejection
This allows control interface monitors to get more detailed information
in cases where wpa_supplicant-based SME receives an Authentication frame
with non-zero status code.
Signed-off-by: Jouni Malinen <j@w1.fi>